Linux Security Magazine May 29. In this issue - Articles: The Top 10 Security Risks, Intrusion Detection on Linux, Analyzing Future Computer Trends and Threats, Always-on Internet Security, Mini-FAQ: "antivirus software for Linux". New Advisories this week: FreeBSD process and krb5 vubnerabilities, TurboLinux gpm, SuSE gdm, Slackware fdmount, XFree86 Multiple distribution vulnerability, Red Hat Secure Web Server 3.0-3.2: mailmail, Qpopper Vulnerability, Mandrake 7 dump vulnerability, Mandrake xemacs vulnerability, Mandrake fdmount buffer overflow, Caldera buffer overflow in kdm, and Caldera DoS attack against X server.
7dfd070ef058e716f57228524f1de6980dc09e772cf2b571688d4489cf6a21e4conflict-DoS.c and conflictd.c are tools which spoof arp packets to make an annoying popup message appear on the target windows machine. It is faster to close all the boxes than reboot. Tested on FreeBSD 4.0. Uses libnet.
3052be4e41953d7b53d40912556f19985d90a258d2c2c9c779131052e107ad32Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.
20ada8083a2c773baff8cb842960c41146ad942dfe604084482ae24470262a29ECrack v0.1 - Energymech (StarGlider Class - IRC bot) brute force password cracker. Tested with emech-2.7.6 but should work with other versions also.
965bcadb702864ba2de652dc0a30c9932d3974a698c74d705f69c326931d9e6eHunt (linux binary distribution) is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.
ac19041b44e008c04d61ff7f5b5814d6dca222360f7b72d642db09ae5b89b9b3Hunt is a program for intruding into a tcp connection, watching it and resetting it. It can handle all connections it sees. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Requires Linux 2.2, GlibC 2.1 with LinuxThreads, Ethernet.
a8a1978f3bd05ca3f01c168c13c9a09b1e1e9038c14fdfe43694c07fe3a0e328SuSE Security Announcement - A local security hole was discovered in the KDE CD player, kmulti here.
3d6e3eea20f253e2d757f141b870e0c57ded66217a446d1cc10dd0bab9e94906Remote Cart32 exploit - Though L0pht released an advisory and patch for the well known Cart32 bug, this is the first exploit released to date. Allows remote command execution.
b15ca1584e4ea0d26f2e39fd6253fdaeb6ec98bcc198aec4914a379e204b8f61
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed